General

  • Target

    285fb0c788cf0d8b16f4eb5947e6a6e2b27805ae14d7a5ee8aa7ee41f0b4dcbd

  • Size

    1.3MB

  • Sample

    231121-ays3asbg6z

  • MD5

    8688d56310943a91c9285e0161518b1e

  • SHA1

    92e8f3067c92f188b7eb4b4889c20fae045f3047

  • SHA256

    285fb0c788cf0d8b16f4eb5947e6a6e2b27805ae14d7a5ee8aa7ee41f0b4dcbd

  • SHA512

    b411ce74b9ffdaa2514222e990a35062ae3a892aed95ae5031556c0d8fcd7fb4424a51d67b74fb0957b5972f11c1ad436720597852007066b1f2816fdba01a3f

  • SSDEEP

    24576:Qak/7Nk4RZt1xKZu0zoFmDcpii9iGn+66rLfJIgtEqPILWz8oDqE:Qak/1AZu+k0WdEacJRIo+E

Targets

    • Target

      285fb0c788cf0d8b16f4eb5947e6a6e2b27805ae14d7a5ee8aa7ee41f0b4dcbd

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
